Ransomware – The Story of One of the Most Profitable Businesses in the Hacking World

For the past few years, ransomware attacks have been making headlines with individuals, organizations, and even companies being forced to pay hackers to recover important data that’s been held hostage.

Ransomware is a type of malware that penetrates your system and blocks access to your files. Most cyber criminals aren’t interested in your bank statements or important documents; they just want a ransom. They force their victims to pay it in return for their data.

Although a novelty to most people, ransomware applications have been around for over 11 years. The first strike took place in Russia, in 2005. Since then, these criminal programs have become profitable businesses for hackers who hide on the dark side of the web. Though most people know the cryptor type of these viruses, there were many predecessors that helped build this vexing phenomenon. And, most probably, there will be successors to ensure that this business remains lucrative.

How It All Started

The foundation of ransomware as we know it today was laid in 1989, when the 20,000 diskettes that were meant to be distributed to the World Health Organization AIDS conference were hijacked. The culprit was Joseph L. Popp, a Harvard alumnus who invented the very first ransomware program – the AIDS Trojan. Because the technology was at a very early stage, the decryption process didn’t take long. However, the incident let cyber criminals know that hacking and corrupting a system’s files was possible.

The Beginning of the Modern Ransomware Era

The modern types of ransomware were first developed in Russia, between 2005 and 2006, and were directed mainly at local victims. They also targeted victims living in neighboring Russophone countries, such as Ukraine, Belarus or Kazakhstan. The virus selected certain types of files and placed them into a password-protected ZIP folder. To get their files back, victims needed to pay almost $300, transferred into an E-Gold account – a system which preceded Bitcoin. The involvement of E-Gold in these hacking businesses led to the suspension and dissolution of the company in 2009.

The Police Ransomware

By 2010, the international community had become very familiar with this incredible online threat. Soon, it became very common for ransomware to use the look of a law enforcement notice to extract more money from more naïve victims. The virus would send an online notification to the user, announcing that their computer was locked for investigation because they had been involved in a crime, usually copyright infringement or illicit pornography. The victim was offered a chance to have the charges dropped. All they needed to do was pay a false fine by a certain deadline. Otherwise, the fine would be doubled.

This ransomware program was called Reveton, and it was a huge adaptable virus, able to take different forms from country to country.

CryptoLocker – the Biggest Milestone in the Ransomware History

A huge shift in the evolution of ransomware came with CryptoLocker, which was launched in September 2013. CryptoLocker introduced near-unbreakable encryption, which kept files locked unless a payment was made.

It propagated fast in the form of email attachments and mostly targeted business professionals. The average ransom for recovering corrupted data was between 100 and 400 dollars, euros or British pounds. Even though CryptoLocker was destroyed fast, it managed to offer sufficient insights to hackers. They used the program to build the next crypto-ransomware technologies: TorrentLocker, CryptoWall, and CryptoDefense.

The Present

The current situation shows us that ransomware is still indestructible, with many affected companies or even governmental institutions paying hackers for recovering their data. Even though the most widespread type of ransomware is targeting Windows systems – as they are the most popular in the world – new crypto-ransomware has been designed to function on Android devices, Mac or even Linux systems, as well. Ransoms are being paid mainly through bitcoins and can reach tens of thousands of dollars.

What Is Next?

The scary thing about ransomware is that nobody has a clue how to stop it. There is no cure for this type of malware, and the classical programs are improved daily. Most probably, ransomware will become more and more difficult to combat, as new, complex technologies can make cryptors very difficult to reverse-engineer.

Consumers, businesses, and government organizations alike should take measures to prevent the spread of ransomware. In addition to updating old software systems, they should avoid opening emails with attachments that are unsolicited or unknown. Backing up your data with a secure, ransomware-resistant backup is also vital. Although this is a long fight, there are still ways you can keep your data safe from cyber criminals.
